network security - FoggyKitchen.com

13Feb, 2026

Azure NAT Gateway with Terraform: Designing Outbound Access for Private Subnets

Posted by Martin Linxfeld
Categories Azure Design Notes
Comments 0 comment
Tags Azure, Azure NAT Gateway, Azure Networking, cloud architecture, FoggyKitchen, Infrastructure as Code, network security, OpenTofu, private subnet, terraform

Private workloads still need the internet.Not for exposure — but for controlled, auditable outbound traffic. In Azure, outbound connectivity is often treated as an afterthought — yet Azure NAT Gateway Terraform provides a clean, architecture-grade way to design outbound identity for private subnets. In production platforms, the real architectural question …

06Feb, 2026

Azure NSG is not a firewall: Designing security boundaries with Terraform (NIC vs Subnet)

Posted by Martin Linxfeld
Categories Azure Design Notes
Comments 0 comment
Tags Azure, azure design patterns, Azure Networking, azure nsg, cloud architecture, Infrastructure as Code, network security, network security group, OpenTofu, terraform

Azure NSG design patterns are not about opening ports — they are about defining security boundaries in your network architecture. 🔵 Azure NSG vs Firewall — What’s the Difference? (Terraform Example) module “compute” { source = “github.com/foggykitchen/terraform-az-fk-compute” attach_nsg_to_nic = true nsg_id = module.nsg.id } module “private_subnet_nsg” { source = “github.com/foggykitchen/terraform-az-fk-nsg” …

Login with your site account

Register a new account